Note that learners can generate a set of course materials (PDF and videos) once their access to the course starts. To make the learning experience seamless, we have provided a one-to-one mapping of the downloaded video material to the course portal.
| Copyright | ||
| Portal Text Name | Portal Video | Offline (Folder - N/A) |
| Copyright | ||
| Copyright | Copyright | COPY_00_00 |
| Module 2 Tools | ||
| Portal Text Name | Portal Video | Offline (Folder - Tools) |
| 2.1. Getting Started | ||
| 2.1.1. Accessing The Lab Machines | N/A | N/A |
| 2.1.2. About Proxies | N/A | N/A |
| 2.2. Burp Suite | ||
| 2.2. Burp Suite | 1.1. Burp Suite | Tools_02_00 |
| 2.2.1. Burp Suite's Built-In Browser | 1.1.1. Burp Suite's Built-In Browser | Tools_02_01 |
| 2.2.2. Using Burp Suite with Other Browsers | 1.1.2. Using Burp Suite with Other Browsers | Tools_02_02 |
| 2.2.3. Proxy | 1.1.3. Proxy | Tools_02_03 |
| 2.2.4. Intruder | 1.1.4. Intruder | Tools_02_04 |
| 2.2.5. Repeater | 1.1.5. Repeater | Tools_02_05 |
| 2.2.6. Extra Mile | N/A | N/A |
| 2.3. Nmap | ||
| 2.3. Nmap | 1.2. Nmap | Tools_03_00 |
| 2.3.1. Nmap Scripts | 1.2.1. Nmap Scripts | Tools_03_01 |
| 2.3.2. Extra Mile | N/A | N/A |
| 2.4. Wordlists | ||
| 2.4.1. SecLists Installation | N/A | N/A |
| 2.4.2. Choosing a Wordlist | 1.3.1. Choosing a Wordlist | Tools_04_02 |
| 2.4.3. Building Custom Wordlists | 1.3.2. Building Custom Wordlists | Tools_04_03 |
| 2.5. Gobuster | ||
| 2.5.1. Installing Gobuster & Basic Usage | 1.4.1. Installing Gobuster & Basic Usage | Tools_05_01 |
| 2.5.2. Endpoint Discovery with Gobuster | 1.4.2. Endpoint Discovery with Gobuster | Tools_05_02 |
| 2.5.3. Go Bust Those Subdomains! | 1.4.3. Go Bust Those Subdomains! | Tools_05_03 |
| 2.6. Wfuzz | ||
| 2.6. Wfuzz | 1.5. Wfuzz | Tools_06_00 |
| 2.6.1. File Discovery | 1.5.1. File Discovery | Tools_06_01 |
| 2.6.2. Directory Discovery | 1.5.2. Directory Discovery | Tools_06_02 |
| 2.6.3. Parameter Discovery | 1.5.3. Parameter Discovery | Tools_06_03 |
| 2.6.4. Fuzzing Parameter Values | 1.5.4. Fuzzing Parameter Values | Tools_06_04 |
| 2.6.5. Fuzzing POST Data | 1.5.5. Fuzzing POST Data | Tools_06_05 |
| 2.6.6. Extra Mile | N/A | N/A |
| 2.7. Hakrawler | ||
| 2.7.1. Hakrawler Installation | N/A | N/A |
| 2.7.2. Hakrawler and the Wayback Machine | 1.6.1. Hakrawler and the Wayback Machine | Tools_07_02 |
| 2.8. Shells | ||
| 2.8. Shells | 1.7. Shells | Tools_08_00 |
| 2.8.1. Web Technology | N/A | N/A |
| 2.8.2. Choosing the Correct Shell | N/A | N/A |
| 2.8.3. Payloads | N/A | N/A |
| 2.8.4. Extra Mile | N/A | N/A |
| Module 3 Cross-Site Scripting Introduction and Discovery | ||
| Portal Text Name | Portal Video | Offline (Folder - Cross-Site Scripting Introduction and Discovery) |
| 3.1. Introduction to the Sandbox | ||
| 3.1.1. Accessing the Sandbox | 2.1.1. Understanding the Sandbox | XSS01_01_02 |
| 3.1.2. Understanding the Sandbox | N/A | N/A |
| 3.2. JavaScript Basics for Offensive Uses | ||
| 3.2.1. Syntax Overview | 2.2.1. Syntax Overview | XSS01_02_01 |
| 3.2.2. Useful APIs | 2.2.2. Useful APIs | XSS01_02_02 |
| 3.3. Cross-Site Scripting - Discovery | ||
| 3.3.1. Reflected Server XSS | 2.3.1. Reflected Server XSS | XSS01_03_01 |
| 3.3.2. Stored Server XSS | 2.3.2. Stored Server XSS | XSS01_03_02 |
| 3.3.3. Reflected Client XSS | 2.3.3. Reflected Client XSS | XSS01_03_03 |
| 3.3.4. Stored Client XSS | 2.3.4. Stored Client XSS | XSS01_03_04 |
| Module 4 Cross-Site Scripting Exploitation and Case Study | ||
| Portal Text Name | Portal Video | Offline (Folder - Cross-Site Scripting Exploitation and Case Study) |
| 4.1. Cross-Site Scripting - Exploitation | ||
| 4.1.1. Accessing The Sandbox | N/A | N/A |
| 4.1.2. Moving the Payload to an External Resource | 3.1.1. Moving the Payload to an External Resource | XSS02_01_02 |
| 4.1.3. Stealing Session Cookies | 3.1.2. Stealing Session Cookies | XSS02_01_03 |
| 4.1.4. Stealing Local Secrets | 3.1.3. Stealing Local Secrets | XSS02_01_04 |
| 4.1.5. Keylogging | 3.1.4. Keylogging | XSS02_01_05 |
| 4.1.6. Stealing Saved Passwords | 3.1.5. Stealing Saved Passwords | XSS02_01_06 |
| 4.1.7. Phishing Users | 3.1.6. Phishing Users | XSS02_01_07 |
| 4.2. Case Study: Shopizer Reflected XSS | ||
| 4.2. Case Study: Shopizer Reflected XSS | 3.2. Case Study: Shopizer Reflected XSS | XSS02_02_00 |
| 4.2.1. Getting Started | 3.2.1. Getting Started | XSS02_02_01 |
| 4.2.2. Discovering the Vulnerability | 3.2.2. Discovering the Vulnerability | XSS02_02_02 |
| 4.2.3. Loading Remote Scripts | 3.2.3. Loading Remote Scripts | XSS02_02_03 |
| 4.2.4. Exploiting Reflected XSS | 3.2.4. Exploiting Reflected XSS | XSS02_02_04 |
| Module 5 Cross-Origin Attacks | ||
| Portal Text Name | Portal Video | Offline (Folder - Cross-Origin Attacks) |
| 5.1. Same-Origin Policy | ||
| 5.1. Same-Origin Policy | 4.1. Same-Origin Policy | COA_01_00 |
| 5.1.1. Accessing the CORS Sandbox | N/A | N/A |
| 5.1.2. Introduction to the Same-Origin Policy | N/A | N/A |
| 5.2. SameSite Cookies | ||
| 5.2. SameSite Cookies | N/A | N/A |
| 5.3. Cross-Site Request Forgery (CSRF) | ||
| 5.3.1. Detecting and Preventing CSRF | N/A | N/A |
| 5.3.2. Exploiting CSRF | N/A | N/A |
| 5.4. Case Study: Apache OFBiz | ||
| 5.4. Case Study: Apache OFBiz | 4.4. Case Study: Apache OFBiz | COA_04_00 |
| 5.4.1. Accessing Apache OFBiz | N/A | N/A |
| 5.4.2. Apache OFBiz - Discovery | 4.2.1. Apache OFBiz - Discovery | COA_04_01 |
| 5.4.3. Apache OFBiz - Exploitation | 4.2.2. Apache OFBiz - Exploitation | COA_04_02 |
| 5.4.4. Revising the CSRF Payload | 4.2.3. Revising the CSRF Payload | COA_04_03 |
| 5.5. Cross-Origin Resource Sharing (CORS) | ||
| 5.5.1. Anatomy of the CORS Request | N/A | N/A |
| 5.5.2. Response Headers | N/A | N/A |
| 5.6. Exploiting Weak CORS Policies | ||
| 5.6. Exploiting Weak CORS Policies | 4.6. Exploiting Weak CORS Policies | COA_06_00 |
| 5.6.1. Weak CORS Policies - Discovery | 4.3.1. Weak CORS Policies - Discovery | COA_06_01 |
| 5.6.2. Trusting Any Origin | 4.3.2. Trusting Any Origin | COA_06_02 |
| 5.6.3. Improper Domain Allowlist | 4.3.3. Improper Domain Allowlist | COA_06_03 |
| Module 6 Introduction to SQL | ||
| Portal Text Name | Portal Video | Offline (Folder - Introduction to SQL) |
| 6.1. SQL Overview | ||
| 6.1.1. Basic SQL Syntax | 5.1.1. Basic SQL Syntax | SQLi01_01_01 |
| 6.1.2. Manual Database Enumeration | N/A | N/A |
| 6.2. Enumerating MySQL Databases | ||
| 6.2.1. MySQL Specific Functions and Tables | 5.2.1. MySQL Specific Functions and Tables | SQLi01_02_01 |
| 6.3. Enumerating Microsoft SQL Server Databases | ||
| 6.3.1. Microsoft SQL Server Specific Functions and Tables | 5.3.1. Microsoft SQL Server Specific Functions and Tables | SQLi01_03_01 |
| 6.4. Enumerating PostgreSQL Databases | ||
| 6.4.1. PostgreSQL Specific Functions and Tables | 5.4.1. PostgreSQL Specific Functions and Tables | SQLi01_04_01 |
| 6.5. Enumerating Oracle Databases | ||
| 6.5.1. Oracle Specific Tables | 5.5.1. Oracle Specific Tables | SQLi01_05_01 |
| Module 7 SQL Injection | ||
| Portal Text Name | Portal Video | Offline (Folder - SQL Injection) |
| 7.1. Introduction to SQL Injection | ||
| 7.1.1. What is SQL Injection? | N/A | N/A |
| 7.2. Testing for SQL Injection | ||
| 7.2.1. String Delimiters | N/A | N/A |
| 7.2.2. Closing Out Strings and Functions | N/A | N/A |
| 7.2.3. Sorting | 6.1.1. Sorting | SQLi02_02_03 |
| 7.2.4. Boundary Testing | 6.1.2. Boundary Testing | SQLi02_02_04 |
| 7.2.5. Fuzzing | 6.1.3. Fuzzing | SQLi02_02_05 |
| 7.3. Exploiting SQL Injection | ||
| 7.3.1. Error-based Payloads | 6.2.1. Error-based Payloads | SQLi02_03_01 |
| 7.3.2. UNION-based Payloads | 6.2.2. UNION-based Payloads | SQLi02_03_02 |
| 7.3.3. Stacked Queries | 6.2.3. Stacked Queries | SQLi02_03_03 |
| 7.3.4. Reading and Writing Files | 6.2.4. Reading and Writing Files | SQLi02_03_04 |
| 7.3.5. Remote Code Execution | 6.2.5. Remote Code Execution | SQLi02_03_05 |
| 7.3.6. Extra Miles | N/A | N/A |
| 7.4. Database dumping with Automated Tools | ||
| 7.4.1. SQLMap | 6.3.1. SQLMap | SQLi02_04_01 |
| 7.5. Case Study: Error-based SQLi in Piwigo | ||
| 7.5.1. Accessing Piwigo | N/A | N/A |
| 7.5.2. Discovering the Vulnerable Parameter | 6.4.1. Discovering the Vulnerable Parameter | SQLi02_05_02 |
| 7.5.3. Exploiting Error-based SQL Injection | 6.4.2. Exploiting Error-based SQL Injection | SQLi02_05_03 |
| Module 8 Directory Traversal Attacks | ||
| Portal Text Name | Portal Video | Offline (Folder - Directory Traversal Attacks) |
| 8.1. Directory Traversal Overview | ||
| 8.1. Directory Traversal Overview | 7.1. Directory Traversal Overview | DT_01_00 |
| 8.1.1. Accessing The Lab Machines | N/A | N/A |
| 8.2. Understanding Suggestive Parameters | ||
| 8.3. Relative vs. Absolute Pathing | ||
| 8.3.1. Absolute Pathing | 7.2.1. Absolute Pathing | DT_03_01 |
| 8.3.2. Extra Mile I | N/A | N/A |
| 8.3.3. Relative Pathing | 7.2.2. Relative Pathing | DT_03_02 |
| 8.3.4. Extra Mile II | N/A | N/A |
| 8.4. Directory Listing | ||
| 8.4. Directory Listing | 7.3. Directory Listing | DT_04_00 |
| 8.4.1. Parameter Analysis | 7.3.1. Parameter Analysis | DT_04_01 |
| 8.4.2. Evidence of Directory Listing | 7.3.2. Evidence of Directory Listing | DT_04_02 |
| 8.5. Directory Traversal Sandbox | ||
| 8.5.1. Directory Traversal - Exploitation | 7.4.1. Directory Traversal - Exploitation | DT_05_01 |
| 8.5.2. Wordlist/Payload Lists | N/A | N/A |
| 8.5.3. Fuzzing the Path Parameter | 7.4.2. Fuzzing the Path Parameter | DT_05_03 |
| 8.6. Case Study: Home Assistant | ||
| 8.6. Case Study: Home Assistant | 7.5. Case Study: Home Assistant | DT_06_00 |
| 8.6.1. Initial Application Assessment | 7.5.1. Initial Application Assessment | DT_06_01 |
| 8.6.2. Exploitation | 7.5.2. Exploitation | DT_06_02 |
| 8.6.3. Extra Mile | N/A | N/A |
| Module 9 XML External Entities | ||
| Portal Text Name | Portal Video | Offline (Folder - XML External Entities) |
| 9.1. Introduction to XML | ||
| 9.1.1. XML Entities | N/A | N/A |
| 9.2. Understanding XML External Entity Processing Vulnerabilities | ||
| 9.3. Testing for XXE | ||
| 9.3.1. Retrieving Files | N/A | N/A |
| 9.3.2. Error-based Testing | N/A | N/A |
| 9.3.3. Out-of-Band Testing | N/A | N/A |
| 9.4. Case Study: Apache OFBiz XXE Vulnerability | ||
| 9.4. Case Study: Apache OFBiz XXE Vulnerability | 8.1. Case Study: Apache OFBiz XXE Vulnerability | XXE_04_00 |
| 9.4.1. Accessing Apache OFBiz | N/A | N/A |
| 9.4.2. Discovery | 8.1.1. Discovery | XXE_04_01 |
| 9.4.3. Exploitation | 8.1.2. Exploitation | XXE_04_02 |
| 9.4.4. Error-Based Exploitation | 8.1.3. Error-Based Exploitation | XXE_04_03 |
| 9.4.5. Out-of-Band Exploitation | 8.1.4. Out-of-Band Exploitation | XXE_04_04 |
| Module 10 Server-side Template Injection - Discovery and Exploitation | ||
| Portal Text Name | Portal Video | Offline (Folder - Server-side Template Injection - Discovery and Exploitation) |
| 10.1. Templating Engines | ||
| 10.1.1. Accessing the Template Sandbox | N/A | N/A |
| 10.1.2. Introduction to Templating Engines | N/A | N/A |
| 10.2. Twig - Discovery and Exploitation | ||
| 10.2.1. Twig - Discovery | 9.1.1. Twig - Discovery | SSTI_02_01 |
| 10.2.2. Twig - Exploitation | 9.1.2. Twig - Exploitation | SSTI_02_02 |
| 10.3. Apache Freemarker - Discovery and Exploitation | ||
| 10.3.1. Freemarker - Discovery | 9.2.1. Freemarker - Discovery | SSTI_03_01 |
| 10.3.2. Freemarker - Exploitation | 9.2.2. Freemarker - Exploitation | SSTI_03_02 |
| 10.4. Pug - Discovery and Exploitation | ||
| 10.4.1. Pug - Discovery | 9.3.1. Pug - Discovery | SSTI_04_01 |
| 10.4.2. Pug - Exploitation | 9.3.2. Pug - Exploitation | SSTI_04_02 |
| 10.5. Jinja - Discovery and Exploitation | ||
| 10.5.1. Jinja - Discovery | 9.4.1. Jinja - Discovery | SSTI_05_01 |
| 10.5.2. Jinja - Exploitation | 9.4.2. Jinja - Exploitation | SSTI_05_02 |
| 10.6. Mustache and Handlebars - Discovery and Exploitation | ||
| 10.6.1. Mustache and Handlebars - Discovery | 9.5.1. Mustache and Handlebars - Discovery | SSTI_06_01 |
| 10.6.2. Mustache and Handlebars - Exploitation | 9.5.2. Mustache and Handlebars - Exploitation | SSTI_06_02 |
| 10.7. Halo - Case Study | ||
| 10.7. Halo - Case Study | 9.6. Halo - Case Study | SSTI_07_00 |
| 10.7.1. Accessing Halo | N/A | N/A |
| 10.7.2. Halo - Translation and Discovery | 9.6.1. Halo - Translation and Discovery | SSTI_07_02 |
| 10.7.3. Halo - Exploitation | 9.6.2. Halo - Exploitation | SSTI_07_03 |
| 10.7.4. Extra Mile | N/A | N/A |
| 10.8. Craft CMS with Sprout Forms - Case Study | ||
| 10.8. Craft CMS with Sprout Forms - Case Study | 9.7. Craft CMS with Sprout Forms - Case Study | SSTI_08_00 |
| 10.8.1. Accessing Craft CMS | N/A | N/A |
| 10.8.2. Craft CMS with Sprout Forms - Discovery | 9.7.1. Craft CMS with Sprout Forms - Discovery | SSTI_08_02 |
| 10.8.3. Craft CMS with Sprout Forms - Exploitation | 9.7.2. Craft CMS with Sprout Forms - Exploitation | SSTI_08_03 |
| Module 11 Command Injection | ||
| Portal Text Name | Portal Video | Offline (Folder - Command Injection) |
| 11.1. Discovery of Command Injection | ||
| 11.1.1. Accessing the Command Injection Sandbox | N/A | N/A |
| 11.1.2. Familiarizing Ourselves with the Sandbox | 10.1.1. Familiarizing Ourselves with the Sandbox | CI_01_02 |
| 11.1.3. Where is Command Injection Most Common? | N/A | N/A |
| 11.1.4. About the Chaining of Commands & System Calls | 10.1.2. About the Chaining of Commands & System Calls | CI_01_04 |
| 11.2. Dealing with Common Protections | ||
| 11.2.1. Typical Input Normalization - Sending Clean Payloads | 10.2.1. Typical Input Normalization - Sending Clean Payloads | CI_02_01 |
| 11.2.2. Typical Input Sanitization - Blocklisted Strings Bypass | 10.2.2. Typical Input Sanitization - Blocklisted Strings Bypass | CI_02_02 |
| 11.2.3. Blind OS Command Injection Bypass | 10.2.3. Blind OS Command Injection Bypass | CI_02_03 |
| 11.2.4. Extra Mile | N/A | N/A |
| 11.3. Enumeration and Exploitation | ||
| 11.3.1. Enumerating Command Injection Capabilities | 10.3.1. Enumerating Command Injection Capabilities | CI_03_01 |
| 11.3.2. Obtaining a Shell - Netcat | 10.3.2. Obtaining a Shell - Netcat | CI_03_02 |
| 11.3.3. Obtaining a Shell - Python | 10.3.3. Obtaining a Shell - Python | CI_03_03 |
| 11.3.4. Obtaining a Shell - Node.js | 10.3.4. Obtaining a Shell - Node.js | CI_03_04 |
| 11.3.5. Obtaining a Shell - PHP | 10.3.5. Obtaining a Shell - PHP | CI_03_05 |
| 11.3.6. Obtaining a Shell - Perl | 10.3.6. Obtaining a Shell - Perl | CI_03_06 |
| 11.3.7. File Transfer | 10.3.7. File Transfer | CI_03_07 |
| 11.3.8. Extra Mile I | N/A | N/A |
| 11.3.9. Writing a Web Shell | 10.3.8. Writing a Web Shell | CI_03_09 |
| 11.3.10. Extra Mile II | N/A | N/A |
| 11.4. Case Study - OpenNetAdmin (ONA) | ||
| 11.4.1. Accessing OpenNetAdmin | N/A | N/A |
| 11.4.2. Discovery and Assessment | 10.4.1. Discovery and Assessment | CI_04_02 |
| 11.4.3. Exploitation | 10.4.2. Exploitation | CI_04_03 |
| Module 12 Server-side Request Forgery | ||
| Portal Text Name | Portal Video | Offline (Folder - Server-side Request Forgery) |
| 12.1. Introduction to SSRF | ||
| 12.1.1. Interacting with the Vulnerable Server | 11.1.1. Interacting with the Vulnerable Server | SSRF_01_01 |
| 12.1.2. Interacting with Back-end Systems and Private IP Ranges | N/A | |
| 12.2. Testing for SSRF | ||
| 12.2.1. Accessing the SSRF Sandbox Application | N/A | N/A |
| 12.2.2. Discovering SSRF Vulnerabilities | 11.2.1. Discovering SSRF Vulnerabilities | SSRF_02_02 |
| 12.2.3. Calling Home to Kali | 11.2.2. Calling Home to Kali | SSRF_02_03 |
| 12.3. Exploiting SSRF | ||
| 12.3.1. Retrieving Data | 11.3.1. Retrieving Data | SSRF_03_01 |
| 12.3.2. Instance Metadata in Cloud | N/A | N/A |
| 12.3.3. Bypassing Authentication in Microservices | N/A | N/A |
| 12.3.4. Alternative URL Schemes | 11.3.2. Alternative URL Schemes | SSRF_03_04 |
| 12.3.5. Extra Mile | N/A | N/A |
| 12.4. Case Study: Group Office | ||
| 12.4.1. Accessing Group Office | N/A | N/A |
| 12.4.2. Discovering the SSRF Vulnerabilities | 11.4.1. Discovering the SSRF Vulnerabilities | SSRF_04_02 |
| 12.4.3. Exploiting the SSRF Vulnerabilities | 11.4.2. Exploiting the SSRF Vulnerabilities | SSRF_04_03 |
| Module 13 Insecure Direct Object Referencing | ||
| Portal Text Name | Portal Video | Offline (Folder - Insecure Direct Object Referencing) |
| 13.1. Introduction to IDOR | ||
| 13.1.1. Static File IDOR | N/A | N/A |
| 13.1.2. Database Object Referencing (ID-Based) IDOR | N/A | N/A |
| 13.2. Exploiting IDOR in the Sandbox | ||
| 13.2.1. Accessing The IDOR Sandbox Application | N/A | N/A |
| 13.2.2. Exploiting Static File IDOR | 12.1.1. Exploiting Static File IDOR | IDOR_02_02 |
| 13.2.3. Exploiting ID-Based IDOR | 12.1.2. Exploiting ID-Based IDOR | IDOR_02_03 |
| 13.2.4. Exploiting More Complex IDOR | 12.1.3. Exploiting More Complex IDOR | IDOR_02_04 |
| 13.2.5. Extra Miles | N/A | N/A |
| 13.3. Case Study: OpenEMR | ||
| 13.3.1. Accessing The OpenEMR Case Study | N/A | N/A |
| 13.3.2. Discovery of the IDOR Vulnerability | 12.2.1. Discovery of the IDOR Vulnerability | IDOR_03_02 |
| 13.3.3. Exploiting the IDOR Vulnerability | 12.2.2. Exploiting the IDOR Vulnerability | IDOR_03_03 |
| 13.3.4. Extra Mile | N/A | N/A |
| Module 14 Assembling the Pieces: Web Application Assessment Breakdown | ||
| Portal Text Name | Portal Video | Offline (Folder - Assembling the Pieces - Web Application Assessment Breakdown) |
| 14.1. Introduction to WEB-200 Challenge Machines | ||
| 14.1.1. Welcome to the Challenge Machines | N/A | N/A |
| 14.1.2. Starting and Accessing Challenge Machines | N/A | N/A |
| 14.1.3. Completing Challenge Machines | N/A | N/A |
| 14.2. Web Application Enumeration | ||
| 14.2.1. Accessing the Challenge Machine | N/A | N/A |
| 14.2.2. Basic Host Enumeration and OS Detection | 13.1.1. Basic Host Enumeration and OS Detection | ATP_02_02 |
| 14.2.3. Content Discovery | 13.1.2. Content Discovery | ATP_02_03 |
| 14.3. Authentication Bypass | ||
| 14.3.1. Finding a Directory Traversal | 13.2.1. Finding a Directory Traversal | ATP_03_01 |
| 14.3.2. Exploiting a Directory Traversal | 13.2.2. Exploiting a Directory Traversal | ATP_03_02 |
| 14.4. Remote Code Execution | ||
| 14.4. Remote Code Execution | 13.3. Remote Code Execution | ATP_04_00 |
| 14.4.1. Finding SQL Injection | 13.3.1. Finding SQL Injection | ATP_04_01 |
| 14.4.2. Exploit SQL Injection for RCE | 13.3.2. Exploit SQL Injection for RCE | ATP_04_02 |
| 14.4.3. Obtaining a Shell | 13.3.3. Obtaining a Shell | ATP_04_03 |
| 14.4.4. Conclusion | N/A | N/A |